ssh no longer works after upgrade from ubuntu 10.10 server to 11.04
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
ssh no longer works after upgrade from ubuntu 10.10 server to 11.04
Hi,
I upgraded to ubuntu server 11.04 a while back, and ever since then the ssh does not work. For example, if I try to log in it seems to take my credentials but immediately kicks me off. Further looking in the log shows pam_open_session() module is unknown. I do remember it asking to upgrade some /etc/security/something.conf file, so maybe that has something to do with it. I have no clue how to fix this, and for now I'm stuck using my host's out of band access (and no sftp or scp either). Any help is appreciated.
Thanks,
-Michael.
The pam_open_session function sets up a user session for a previously successful authenticated user.
I don't think you have the full picture. Provide more information on how you are logging in? Are you trying to log into you regular user account? Do you use public key authentication?
Try logging in using the -vv option to provide better debugging messages on the client side. It will show messages from both the client and the server.
Hi,
To answer your questions:
I am using simply user/password authentication, and I am logging into a user account I could access since I created the server (until this upgrade).
I will try using the option you mention (if I can figure out how to get it working ) and let you know what happens.
Thanks,
-Michael.
The SSH connection is being established. You are even getting the 'issue' message. Could you check the kernel messages at the same time on the server? A failure with PAM may post a message there. Also look in /etc/security/ and the PAM config files for files with .new at the end which sometimes indicate recommended changes after a package is updated, but the old one may contain lines you need to retain.
I had a problem with SSH after installing a new version of openSuSE. I needed to precede the a path in sshd_config with %h/ that I hadn't need before.
Entering a portion of your error message exactly, inside double quotes, in a Google search may return results useful in finding a solution.
Hi,
I looked in many places, including /var/log/syslog, /var/log/kern.log, /var/log/auth.log, and a couple others. i found nothing more noticable than I found before, namely that pam says "pam_open_session(), module is unknown")
Thanks,
-Michael.
I looked in the manpage for "pam_open_session". It is a function and not a module. You might want to check your pam configuration and make sure you have all your files. Could you post your common-session and sshd files in /etc/pam.d/?
Start with the sshd file. Make sure you have the .so files mentioned in /etc/security.
For example:
Code:
#%PAM-1.0
auth requisite pam_nologin.so
auth include common-auth
account requisite pam_nologin.so
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
session optional pam_lastlog.so silent noupdate showfailed
In this example, the pam modules pam_nologin.so, pam_loginuid.so and pam_lastlog.so are used. The common-auth, common-account, common-password and common-session files are pam config files in /etc/pam.d/ that may also use different pam modules.
Hi,
If you mean that the *.so files mentioned in /etc/pam.d/sshd should be in the directory /etc/security/, there are absolutely no *.so files there. I also looked in /lib/security, and there was only pam_mysql.so in there.
Thanks,
-Michael.
Hi,
I looked in /lib/security and all that is there with a .so extension is pam-mysql.so. I don't see anything listed in sshd there. As for lib64/security, it doesn't even exist (I am running a 32 version of ubuntu, however).
Hth,
-Michael.
Check your package manager to see what files should be supplied with the base PAM packages. The pam_unix2 module should be supplied. It's one that is always used to log in as far as I know.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.